openssl genrsa -out key.pem 2048openssl rsa -in key.pem -outform PEM -pubout -out public.pemHeader:
{
"alg": "RS512",
"kid": "12345",
"typ": "JWT"
}
Payload:
{
"iss": "s6BhdRkqt3",
"sub": "s6BhdRkqt3",
"exp": 1499187201,
"iat": 1499183601,
"jti": "id123456",
"aud": {"href": "/as/token.oauth2"}
}
TPP should make sure that JWT token has valid issue and expiration dates.
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXrQyzjlnHMJlMBreXkgHFWVVf/nVo0LJ+K1fRo4ndKm76GKUi8dMmOZ11di1ItIH/fhKhj3ofjUrW289nOqAcGsmom3UleuUE4rVNQKWjlgR+Vl+v9hTgcUDnDWZ0LkR/RaX3Q3oOKAhbaANIFcceNgnokUYxZZtKTgb95mTrtjX2q7/OoTaDy80duhay4f3XxSMklZNTQc6PTE4HYvnej23NHo3SJ3upsx6gB8AXqp/uOY824yz0O3RgVpg7GS2YuVXAW57kwQoBkpIp65ys3jIlRuP0hiXsAPA2yxgsMzAdES79kqd/nMM5NbZbCXmB0Sh/hgyQEsPDtrZtBZkQIDAQAB